package com.cf.config;

import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.Filter;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.cf.utils.shiro.UserRealm;
import com.cf.utils.shiro.myPaFilter;

/**
 * Shiro配置
 *
 */
@Configuration
public class ShiroConfig {

	@Bean(name = "sessionManager")
	public SessionManager sessionManager() {
		DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
		// 设置session过期时间为1小时(单位：毫秒)，默认为30分钟
		sessionManager.setGlobalSessionTimeout(30 * 60 * 1000);
		sessionManager.setSessionValidationSchedulerEnabled(true);
		sessionManager.setSessionIdUrlRewritingEnabled(false);
		return sessionManager;
	}

	@Bean(name = "securityManager")
	public SecurityManager securityManager(UserRealm userRealm,
			SessionManager sessionManager) {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setRealm(userRealm);
		securityManager.setSessionManager(sessionManager);
		return securityManager;
	}

	@Bean("shiroFilter")
	public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
		ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
		shiroFilter.setSecurityManager(securityManager);
		shiroFilter.setLoginUrl("/login.html");

		// shiroFilter.setSuccessUrl("/index.html");
		 shiroFilter.setUnauthorizedUrl("/");

		// 自定义拦截器
		Map<String, Filter> filtersMap = shiroFilter.getFilters();
		filtersMap.put("roleFilter", roleFilter());
		shiroFilter.setFilters(filtersMap);

		// url拦截器
		Map<String, String> filterMap = new LinkedHashMap<>();
		filterMap.put("/public/**", "anon");
		filterMap.put("/webjars/**", "anon");
		filterMap.put("/api/**", "anon");

		// swagger配置
		filterMap.put("/swagger**", "anon");
		filterMap.put("/v2/api-docs", "anon");
		filterMap.put("/swagger-resources/configuration/ui", "anon");

		filterMap.put("/login.html", "anon");
		filterMap.put("/ruoyi/**", "anon");
		filterMap.put("/expired", "anon");
		filterMap.put("/img/**", "anon");
		filterMap.put("/sys/login", "anon");
		filterMap.put("/captcha.jpg", "anon");
		filterMap.put("/ureport/designer*",
				"authc,roleFilter[admin:ureport:designer]");
		// "perms[admin:ureport:designer]");
		filterMap.put("/**", "authc");//
		shiroFilter.setFilterChainDefinitionMap(filterMap);
		return shiroFilter;
	}

	@Bean(name = "roleFilter")
	public myPaFilter roleFilter() {
		myPaFilter roleFilter = new myPaFilter();
		return roleFilter;
	}

	@Bean(name = "lifecycleBeanPostProcessor")
	public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
		return new LifecycleBeanPostProcessor();
	}

	@Bean
	public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
		DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
		proxyCreator.setProxyTargetClass(true);
		return proxyCreator;
	}

	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
			SecurityManager securityManager) {
		AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
		advisor.setSecurityManager(securityManager);
		return advisor;
	}

}
